Data Breaches Archives - Infosecurity

Asigra launched Tigris Data Protection

Posted on September 14, 2022 by admin

Asigra launched Tigris Data Protection software with CDR (Content Disarm & Reconstruction). Asigra Tigris Data Protection software now includes CDR for protection against deeply embedded malware to address the ransomware threat, which now significantly increases the risk to both primary and backup data.

The most recent generation of ransomware hides harmful code within content files that are frequently nested and compressed. Cybercriminals know that antimalware cannot scan what it cannot see, so they can avoid detection by using deeply embedded code. The data protection platform Asigra Tigris unifies cybersecurity and backup, fostering new levels of collaboration between data protection and security experts.

Val Silva, CTO of Asigra “Worrisome increases in cybersecurity attacks on critical business systems has followed the rise in remote work environments over the past couple years. These attacks are commonly finding their way within corporate networks, and in many cases, specifically targeting backup systems.

With Asigra CDR, Tigris Data Protection has reset the bar with ultra-secure backup that ensures organizations meet their business continuity objectives for absolute confidence in the ability to recover mission-critical data when needed.”

The brand-new security feature, CDR, breaks down supported files into their smallest parts to find any embedded malicious code, macros, links, or executables. CDR reconstructs the original file without the malware after filtering and containing the malware. The technology eliminates any potential payload threats that are deeply buried within each file, outperforming predictive detection-based techniques. By maintaining file functionality and authenticity without the use of malicious code, the new CDR functionality ensures the integrity of the files.

Asigra’s security architecture now includes soft-delete support, FIPS 140-2 certified encryption, bidirectional CDR, zero-day exploit protection, variable repository naming to non-standard names to prevent recognition, deep MFA (multi-factor authentication), and variable repository sanitization with inline detection on both the backup and recovery streams.

Voltage CyberRes One solution, FAS SmartScan, provides data discovery and protection capabilities!

Posted on September 5, 2022 by admin

Voltage File Analysis Suite (FAS), a cloud platform that combines the newest in data discovery and data protection, has received an update from CyberRes, a Micro Focus business. The business claims that SmartScan, a tool for intelligent sampling and dynamic tagging for petabyte-scale data discovery, is one of the new features of Voltage FAS that enables data analysts to locate the areas of higher data risk faster.

Reiner Kappenberger, Director Product Management for Voltage Data Privacy and Protection at CyberRes, says, “The new CyberRes Voltage File Analysis Suite takes data security to the next level with its data discovery and protection capabilities within one solution. Since it is delivered as a Software-as-a-Service (SaaS) solution, it possesses the scalability needed to meet the needs of any user’s data estate. Furthermore, the dynamic Voltage SmartScan tool provides users with the resources needed to conduct more prescriptive, deeper scans of their data infrastructure, and take more focused protective actions.”

Voltage FAS, according to CyberRes, is not constrained by the limitations of physical or political boundaries, allowing users to reach and maintain compliance standards for the numerous privacy regulations that are becoming more and more prevalent around the world.

With dynamic data masking and contextually aware entity detection for more than 39 nations and economic zones, Voltage FAS is intended to improve overall privacy awareness. Along with its availability as a SaaS platform, Voltage FAS is now also offered as an MSSP option with this release. By comprehending and overseeing existing data, Voltage FAS integrates with cloud, on-premises, and all hybrid models. Voltage FAS may also be used on private clouds, allowing organizations to effectively locate and safeguard their sensitive data without having any data leave the region, which is advantageous because some regions restrict data residency for organizations.

Data Dynamics launched StorageX9.0

Posted on August 24, 2022 by admin

Data Dynamics StorageX9.0, released by Data Dynamics, will enhance, and expand the functionalities of the company’s current products to assist customers in managing the complexity and sprawl of unstructured data. Enterprises can use it to organize and analyze their data, derive practical insights, implement security procedures, uphold compliance, and improve business performance. StorageX 9.0 is loaded with new features like Share and DFS analytics, NFSv4 and NFSv3 POSIX security translation, and support for versioned object mobility.

Cuong Le, CSO of Data Dynamics commented, “StorageX 9.0 is an enhancement to our already strong data management portfolio. It helps our enterprise customers with the capabilities they need for intelligent heterogenous petabyte-scale migrations and modernization, with fast time to value, maintaining compliance, and enhanced data security.”

Furthermore, StorageX and Microsoft recently worked together to create the Azure File Migration service. Through this program, businesses can use StorageX for cost-free data migration to Azure.

StorageX can assist businesses in realizing the full potential of their data when combined with Data Dynamics’ unified unstructured data management platform. Data Mobility, Data Analytics, Data Security, and Data Compliance are just a few of the end-to-end data management capabilities that the platform supports.

Leading unstructured data migration software from Data Dynamics, StorageX offers policy-based data migration without vendor lock-in. Intelligent, quick, and secure petabyte-scale unstructured data migrations are made possible by StorageX’s seamless cloud data migration, data center consolidation, and storage optimization technologies. StorageX provides dynamic data for the digital enterprise, allowing enterprises to use its data to gain a competitive edge.

Ntrinsec Launches Groundbreaking Key Security Automation Platform

Posted on August 23, 2022 by admin

Ntrinsec launched a groundbreaking new key security automation platform. The platform reduces security issues related to improper key management and misuse of encryption keys. Ntrinsec delivers complete automation around all key lifecycle operations by integrating with third-party key management systems (KMS), hard security modules (HSMs), certificate authorities, and significant cloud providers. This will guarantee that all keys follow the best procedures and put an end to key compromises.

Ntrinsec CEO, Michael Leidesdorff said, “With a potent combination of technology and a team with decades of expertise, Ntrinsec is in a prime position to solve today’s data protection challenges. We are excited to introduce the world’s first key security automation platform from Ntrinsec. Our goal is to protect organizations from data breaches, and this tool has the strength to do just that. Ntrinsec’s moving target defense approach is making sure that digital secrets are kept safe in perpetuity. Bad actors are increasingly exploiting key hygiene issues like key reuse and local wallets. With this attack vector quickly growing and industry standards calling only for annual key rotation, which is hopelessly out-of-date, a platform like Ntrinsec is needed now more than ever.”

Ntrinsec has developed a moving-target protection method that outwits hackers in today’s more complicated situations by automating machine identification secrets at scale. To maintain good key hygiene and spot exploitable key reuse, users can automatically and safely map all keys and host computers within the platform. In order to successfully prevent data breaches before they ever start, Ntrinsec powers intelligent crypto-reduction strategies to develop anomaly detection and automate speedy remediation.

Davenport Group Collaborated with Stratodesk

Posted on August 18, 2022 by admin

Davenport Group has announced a partnership with Stratodesk and is now a part of the Stratodesk Edge channel partner program, which provides end-to-end IT solutions to businesses across the country. This new collaboration will provide their joint customers, particularly in the education, health care, state and local government, and manufacturing markets, with an IT solution that includes everything from storage to data security technologies and Stratodesk NoTouch software.

Sonia St. Charles, CEO of Davenport Group stated, “Working with Stratodesk will enable Davenport Group to enhance our strategic focus on the end-user computing space by making it easier than ever for organizations to self-service within Stratodesk NoTouch OS. Our clients will benefit greatly from this unique capability from the EUC innovator. Our customers want secure endpoints, user mobility, and ease of management – a critical IT need we meet with Stratodesk when paired with Dell and VMware Solutions. Additionally, as a Dell Technologies Titanium Partner, these latest updates mean our customers can leverage new and existing Dell PCs, laptops, and thin clients – repurposing them with the latest clients from VDI/Cloud vendors to operate like new.”

Davenport Group has been delivering IT solutions to businesses across North America since 2001, including data center modernization, virtualization, storage, data protection, HCI, and client computing.

Davenport Group provides customers with true IT transformation through its years of field experience, certifications in Dell EMC and VMware technologies, and recognition as a Dell EMC Certified Titanium Partner and a VMware Enterprise Partner. Davenport ensures that customers now have more secure, hybrid workplaces by providing Stratodesk NoTouch OS as a preferred EUC operating system.

Stratodesk Edge, the company’s channel partner enablement program, has welcomed Davenport Group. Customers of Stratodesk and Davenport Group can use Stratodesk software to support multiple work sites and mobile workers. This collaboration will provide organizations with a solution for transforming their endpoints into centrally managed and secure endpoints capable of delivering seamless user experiences to end users via VMware Horizon.

Stratodesk NoTouch software is preinstalled on all VDI clients and runs on all endpoints in an organization, regardless of make, model, or manufacturer. Businesses can save money by eliminating the need to purchase hardware while connecting endpoints to their network environment and integrating with other Davenport Group solutions.

Emanuel Pirker, Founder and CEO at Stratodesk commented, “We continue our focus as a channel-led company and commitment to providing enterprises across the country and beyond with access to best-of-breed leading technology solutions. Customers gain competitive advantage through the feature rich EUC technology solutions offered by Stratodesk’s partnership with trusted technology advisors.”

Protecto and Snowflake Partnered for Data Protection

Posted on July 11, 2022 by admin

Protecto announced the integration of its artificial intelligence and privacy engineering platform into Snowflake. Snowflake is a data cloud company; this integration will help customers to identify data security issues before data breaches, and customer trust violations occur.

Data is the foundation of modern businesses, but it is increasingly susceptible to security flaws, privacy violations, and theft. Manual processes and compliance checks are insufficient to safeguard today’s complex data environments. The partnership between Protecto and Snowflake will provide visibility in identifying data protection vulnerabilities while maintaining the speed and agility of Snowflake’s platform.

Amar Kanagaraj, Founder and CEO of Protecto, commented, “The world is evolving to be privacy-first and zero-trust security. As a result, companies expect data security and privacy as part of their data stack. We’re introducing Data Posture Intelligence, a technology multiple steps ahead of the competition to deliver data protection in minutes.”

Protecto automates data privacy, security, and governance audits to provide results in minutes. The solution provides data posture insights in a single pane of glass, which helps their joint customers in finding personal information. It helps them determine who has access to sensitive data, identify inactive users, and audit user permissions. It allows customers to check user activities for potential privacy violations. Customers can recognize unused data that is open, overexposed, or stale.

Venkat Gopalan, Chief Data Officer of Belcorp, commented, “Cloud data platforms such as Snowflake give us enormous scalability and agility. With Protecto and Snowflake’s partnership, we have tighter control over our data security and privacy. Products like Protecto give us granular visibility over data protection across our Snowflake Data Cloud.”

IBM Acquired Databand.ai for Data Security

Posted on July 7, 2022 by admin

IBM announced the acquisition of Databand.ai, a provider of data observability software that assists organizations in resolving data issues such as errors, pipeline failures, and poor quality before they impact their bottom line.

Organizations are struggling to manage the health and quality of their data sets, which is required to make better business decisions and gain a competitive advantage as the volume of data continues to grow at an unprecedented rate. Data observability, a rapidly growing market opportunity, is quickly emerging as a key solution for assisting data teams and engineers in better understanding the health of data in their system and automatically identifying, troubleshooting, and resolving issues such as anomalies, breaking data changes, or pipeline failures in near real-time.

This acquisition enhances IBM’s software portfolio across data, AI, and automation to address the full spectrum of observability and aids organizations in ensuring that reliable data is placed in the hands of the appropriate users at the appropriate time.

Databand.ai is IBM’s fifth acquisition in 2022 as the company expands its hybrid cloud and AI capabilities.

Josh Benamram, Co-Founder and CEO of Databand.ai, stated, “You can’t protect what you can’t see, and when the data platform is ineffective, everyone is impacted –including customers. That’s why global brands such as FanDuel, Agoda, and Trax Retail already rely on Databand.ai to remove bad data surprises by detecting and resolving them before they create costly business impacts. Joining IBM will help us scale our software and significantly accelerate our ability to meet the evolving needs of enterprise clients.”

The open and extendable approach of Databand.ai enables data engineering teams to integrate and gain observability into their data infrastructure easily. This acquisition will provide Databand.ai with additional resources to expand its observability capabilities for broader integrations across more open-source and commercial solutions that power the modern data stack. Enterprises will also have complete control over how Databand.ai is deployed, whether as a SaaS or a self-hosted software subscription.

IBM’s acquisition of Databand.ai expands on the company’s R&D investments and strategic acquisitions in AI and automation. IBM is well-positioned to address the full spectrum of observability across IT operations by combining Databand.ai with IBM Observability by Instana APM and IBM Watson Studio.

Data observability solutions are also essential components of a company’s overall data strategy and architecture. The acquisition of Databand.ai expands IBM’s existing data fabric solution by assisting in the delivery of the most accurate and trustworthy data to the right hands at the right time – regardless of where it resides.

Daniel Hernandez, General Manager for Data and AI at IBM, commented, “Our clients are data-driven enterprises who rely on high-quality, trustworthy data to power their mission-critical processes. When they don’t have access to the data they need at any given moment, their business can grind to a halt. With the addition of Databand.ai, IBM offers the most comprehensive set of observability capabilities for IT across applications, data, and machine learning and is continuing to provide our clients and partners with the technology they need to deliver reliable data and AI at scale.”

Normalyze Raises Millions to Help Manage Sensitive Data

Posted on June 30, 2022 by admin

Normalyze is an agentless platform that assists organizations in better managing sensitive data, as well as attack paths to it in today’s complex, multi-cloud environments, thereby protecting customers from large and damaging data breaches. Security teams can continuously assess, prioritize, and react to cloud data threats and stop sensitive data loss using Normalyze’s graph-powered platform.

Normalyze has emerged from stealth with $22.2 million in Series A funding led by Lightspeed Venture Partners and Battery Ventures. This funding round brings the company’s total funding to $26.6 million.

Amer Deeba, Cofounder and CEO at Normalyze stated, “Today’s enterprises find their data scattered throughout their various cloud environments with limited visibility of where sensitive data resides. It’s a massive problem that current cloud security offerings aren’t equipped to handle. We built Normalyze to help companies of all sizes discover, classify and secure sensitive data across all public clouds. With simple onboarding and minimum ramp-up time, our platform provides full visibility on data security posture to better gauge risk and proactively respond to sensitive data threats.”

Normalyze has the unique ability to bring together all security stakeholders in one user interface, from the CISO to the security engineer to DevOps, to discover data, classify it, and prioritize the discovery of attack paths that can lead to sensitive information. Normalyze’s data-first cloud security platform works in three stages, it builds an intelligent graph with deep context and transitive trust relationships representing all the data stores, applications, identities, and infrastructure resources in all clouds and how they all connect during discovery and analysis. The agentless data scanner from Normalyze then determines which data stores contain sensitive information and automatically maps it to specific profiles such as PCI, HIPAA, and GDPR.

Ravi Ithal, Cofounder and CTO of Normalyze commented, “Our graph-powered platform is a hub that connects all data with assets, identities, accesses, misconfigurations, and vulnerabilities to help security teams continuously discover sensitive information, determine attack paths, and automate remediation efforts to secure it. With the Normalyze one-pass scanner, users can scan structured and unstructured data stores to discover sensitive information based on predefined compliance profiles for PII, GDPR, HIPAA, and more with minimal upfront configuration and cost, all while ensuring data never leaves their cloud environments.”

Cyware Declared SOC 2 TYPE 2 Compliance for Data Security

Netskope Improvised Netskope Private Access

Posted on June 22, 2022 by admin

Netskope announced significant improvements to Netskope Private Access, the zero-trust network access (ZTNA) foundation of its security platform. Customers of Netskope can now apply zero trust principles to the broadest range of hybrid work security requirements, including SaaS, IaaS, private applications, web, e-mail, and endpoint devices.

In hybrid work environments, enterprises are rapidly adopting Secure Access Service Edge (SASE) technology architecture. ZTNA is critical to SASE, it enables organizations to transition from legacy remote access VPN infrastructure to a modern, efficient, and secure infrastructure.

Netskope Private Access, which provides ZTNA services, is an essential component of the Netskope Intelligent SSE platform. It connects users to corporate resources anywhere, using any device, and continuously evaluates context and adapts to reduce risk. This context has now been extended to the enterprise data layer, leveraging Netskope’s unified DLP capabilities. Netskope provides advanced data protection capabilities, which are highlighted as an area where other SASE and SSE vendors fall short.

John Martin, Chief Product Officer at Netskope stated, “Enterprises need data-centric ZTNA—period. Private applications often house some of an organization’s most valuable information, including trade secrets and code repositories, and are an absolute must for comprehensive data protection capabilities. These key enhancements to Netskope Private Access extend Netskope’s award-winning zero-trust data protection capabilities that much further, offering enterprises multiple options to protect the information, from inspecting private application traffic to applying DLP in risky use cases such as third-party access and BYOD.”

A hybrid work environment needs the ability to apply zero trust principles to govern user, device, network, application, and data behavior, thereby increasing confidence in policy enforcement everywhere. Under zero trust, technology resources no longer implicitly trust any entity seeking to connect. The resource can determine an appropriate level of confidence, or trust, only for that specific interaction and by evaluating several contextual elements such as user role and identity, device identity and security posture, time of day, data sensitivity level, and more. Businesses become more agile, reduce risk, and streamline application deployment and ongoing maintenance because of using Netskope Intelligent SSE with zero trust data protection throughout.

Chris Rodriguez, Research Director of Security & Trust at IDC stated, “Zero trust network access is all about optimizing the balance of enabling access and mitigating risk, and the most effective ZTNA solutions, including Netskope Private Access, help reduce the risk and exposure associated with legacy remote-access VPNs. Enterprises should be pleased to see that Netskope continues to innovate and has now added capabilities to strengthen data protection policies across the widest range of use cases, from SaaS to private apps.”

Everything you need to know about Zero Trust Security in 2022!

Onapsis Assess Baseline to Safeguard SAP

Posted on May 11, 2022 by admin

Onapsis Assess Baseline facilitates businesses of all sizes to accelerate time-to-value by simplifying deployment with a new SaaS-based, zero-footprint model and focusing on a core, targeted set of critical vulnerabilities as the first steps on their journey to ensure SAP application cybersecurity, compliance, and availability. When organizations are ready to expand, Onapsis Assess Baseline provides a simple expansion to additional scope for vulnerability management, as well as capabilities for continuous threat monitoring and application security testing.

Onapsis launched Onapsis Assess Baseline, a new offering that helps organizations jumpstart their SAP vulnerability management programs by better aligning with the SAP Security Baseline. Organizations must re-evaluate how they secure their most critical systems considering the exponential growth of targeted ransomware and the increased threat of cyber warfare as a result of global conflict. Companies are struggling to keep up with the growing number of vulnerabilities exploited by threat actors to gain access to their business-critical applications as the threat landscape evolves and becomes more aggressive.

Mariano Nunez, CEO of Onapsis stated, “Securing business-critical applications have always been challenging, but there’s a larger bullseye on the backs of organizations today – more than ever before – as sophisticated threat actors increasingly target Enterprise Resource Planning (ERP) systems. We have successfully helped the world’s largest and most sophisticated organizations integrate their business applications into their cybersecurity and compliance programs. Now, Assess Baseline makes it easy for customers who are getting started with their SAP application security programs to jumpstart quickly and effectively protecting the applications that power their businesses.”

Key organizational advantages of Onapsis Baseline assessment include reduced implementation costs through faster deployment. Assess Baseline provides quick deployment and implementation with zero footprint scanning, whether in their cloud, on-premises, or via Onapsis’ SaaS platform. Users can scan with Assess Baseline against the SAP-recommended security baseline requirements for an organization’s SAP systems within hours, resulting in a faster time-to-value for SAP vulnerability management. The scans provide powerful context about critical vulnerabilities, mitigation instructions, and assurance that patches were applied, saving valuable resource time.

Steve Biskie, national ERP risk, and automation services leader with RSM US LLP said, “Today’s threat landscape requires a holistic approach to securing business-critical SAP applications such as ERP software. It is exciting to see Onapsis continuing to innovate its solutions to assist companies on their security maturity journey. The new Baseline license can help pave the way for more organizations to have an entry point into vulnerability management for SAP applications that could help keep their critical data and applications safe and compliant.”

Read more articles:

Privacy Management